Lucene search
MitreCVE-2004-0337HistoryNov 23, 2004 - 5:00 a.m.
CVE-2004-0337
2004-11-2305:00:00
mitre
web.nvd.nist.gov
30
cve-2004-0337
xss
lan suite
web mail
602pro
vulnerability
remote attackers
arbitrary script
html
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
High
EPSS
0.007
Percentile
80.4%
Cross-site scripting (XSS) vulnerability in LAN SUITE Web Mail 602Pro allows remote attackers to execute arbitrary script or HTML as other users via a URL to index.html, followed by a / (slash) and the desired script. NOTE: the vendor states that this bug could not be reproduced, so this issue may be REJECTed in the future.
Affected configurations
Node
software602602pro_lan_suiteMatch2002
ORsoftware602602pro_lan_suiteMatch2003
| Vendor | Product | Version | CPE |
|---|---|---|---|
| software602 | 602pro_lan_suite | 2002 | cpe:2.3:a:software602:602pro_lan_suite:2002:*:*:*:*:*:*:* |
| software602 | 602pro_lan_suite | 2003 | cpe:2.3:a:software602:602pro_lan_suite:2003:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2004-0337
2004-03-18 05:00:00
exploitdb
exploitdb
Software602 602Pro LAN Suite - Web Mail Cross-Site Scripting
2004-03-01 00:00:00
nvd
nvd
CVE-2004-0337
2004-11-23 05:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
High
EPSS
0.007
Percentile
80.4%
Related for CVE-2004-0337